Hacker News
by Ysx 43 days ago
> Each individual company is probably better off paying the ransom, but everyone would be better off if no one paid a ransom.

You're then a target known to be vulnerable and pay ransoms, so best focus on security.

If you have to pay, at least try to negotiate 1) a guarantee that the hackers won't just do it again sometime later, and 2) full disclosure / assistance in repairing your vulnerabilities so you have some kind of head start for the future. Outside of politically motivated hackers, this would probably be reasonably successful.
What possible type of guarantee could one ever hope to "negotiate" with someone who has just successfully blackmailed/ransomed/extorted?
We are in the context of already having to pay. You are at their mercy no matter what, so the only value of any interaction with them is based on hoping they have incentive to maintain their promises to protect their reputation etc.

It's not a good situation to be in, but still, try to make the best of it.

If the ransomware operator believes that breaking their word might make it harder to get money out of future victims, they'll keep their word.

They might not believe that, but if you're at the point where you're paying anyway, you might as well try to get that commitment from them.

Other hacking groups now know Instructure pays up.